Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27E20EACA30211EE9DB96F1AD25BE465.roa
File:                     27E20EACA30211EE9DB96F1AD25BE465.roa (raw, json)
Hash identifier:          6v1KyQytF1AY8Tk7odT5/JjyuDk7lxSCl2lSnKy+OaQ=
Subject key identifier:   3C:43:72:9C:98:C5:D2:D3:A7:AE:86:B3:1A:80:CC:CE:B4:0C:02:59
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       670F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27E20EACA30211EE9DB96F1AD25BE465.roa
Signing time:             Mon 25 Dec 2023 08:46:55 +0000
ROA not before:           Mon 25 Dec 2023 08:46:52 +0000
ROA not after:            Tue 07 Jan 2025 08:46:52 +0000
asID:                     139057
IP address blocks:        154.85.66.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26383 (0x670f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Dec 25 08:46:52 2023 GMT
            Not After : Jan  7 08:46:52 2025 GMT
        Subject: CN=6589417f-a87c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:8e:2e:71:e9:4f:ad:a5:ea:89:8a:7a:bc:7e:
                    72:39:a4:c3:34:8f:78:bd:c8:8e:cb:8a:c3:61:15:
                    fe:7d:e9:1d:f0:a6:53:a6:94:e0:27:fe:18:70:ee:
                    c9:78:63:3f:8c:9d:41:17:80:45:61:40:26:99:0e:
                    40:70:70:d5:ed:31:2d:ce:a6:36:55:5f:38:3f:5b:
                    08:15:85:c5:f4:dd:63:a4:f0:ac:5d:71:81:84:da:
                    56:30:8b:35:00:2a:d8:8d:6e:b9:02:66:4a:eb:dd:
                    af:58:ec:09:b0:9e:22:2b:49:d6:48:56:d5:8a:b4:
                    4b:b9:ca:21:69:3d:56:21:12:84:51:5e:eb:e9:12:
                    3b:e2:3a:e8:12:14:7c:54:15:d2:01:43:17:42:23:
                    ce:62:e8:73:fe:12:ce:73:9e:3a:df:1e:f9:39:0c:
                    fd:cb:a2:25:6a:bd:59:a2:bc:54:69:79:bb:53:7e:
                    f2:93:18:5e:69:12:c7:91:55:9c:1c:dc:b5:7f:e2:
                    59:f8:df:f2:b4:72:ce:c8:44:a2:44:27:eb:22:59:
                    cf:76:23:94:64:78:85:c5:bb:2d:14:3f:cc:a2:f5:
                    6a:8b:a9:09:2a:34:83:0c:bc:1b:b5:20:9d:3e:b3:
                    b6:3c:89:d4:c1:c5:11:f4:2d:a1:f9:f2:49:27:f0:
                    4d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:43:72:9C:98:C5:D2:D3:A7:AE:86:B3:1A:80:CC:CE:B4:0C:02:59
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27E20EACA30211EE9DB96F1AD25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.85.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:21:3d:e9:ae:e4:40:27:cc:7f:0e:08:11:40:42:5e:6e:be:
         55:91:07:32:34:48:86:6b:ac:89:e3:97:50:3f:ed:5e:b3:b9:
         e5:f1:93:83:b4:89:59:48:a2:a9:48:93:94:01:1c:e9:b9:53:
         b8:12:09:c0:3f:a7:48:45:39:ca:0a:19:fa:77:6c:db:8b:8c:
         7a:39:dd:6b:db:36:79:03:3e:6f:c1:07:26:80:8a:90:f5:41:
         0e:c1:a4:0f:ca:75:c5:31:27:8b:eb:38:a0:4c:65:9e:e2:d3:
         69:12:73:8b:57:cf:d9:da:4d:a2:40:d9:b6:9e:a4:c3:10:4a:
         e3:f3:0e:0d:23:fb:ef:d9:34:6f:1b:cd:1b:9e:94:e5:86:cf:
         12:8b:b7:8e:9a:d3:8e:89:1d:37:cd:f5:1d:20:8b:9e:ca:28:
         a1:95:0e:52:9a:1e:71:69:f4:53:72:d0:19:ad:0c:bd:5d:d9:
         3c:c7:c4:e7:ec:4d:42:37:4a:19:9e:0b:08:b7:2c:95:38:05:
         41:db:ac:d6:8d:72:aa:80:ca:28:eb:97:71:c6:3f:7c:8b:69:
         46:c9:87:14:58:f9:9e:92:e6:da:fb:22:12:ee:b6:56:b2:fd:
         25:f9:82:aa:56:89:6f:78:fe:4e:90:ed:35:05:45:e1:07:90:
         60:17:2b:48
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICZw8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzEyMjUwODQ2NTJaFw0yNTAxMDcwODQ2NTJaMBgxFjAU
BgNVBAMTDTY1ODk0MTdmLWE4N2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUji5x6U+tpeqJinq8fnI5pMM0j3i9yI7LisNhFf596R3wplOmlOAn/hhw
7sl4Yz+MnUEXgEVhQCaZDkBwcNXtMS3OpjZVXzg/WwgVhcX03WOk8KxdcYGE2lYw
izUAKtiNbrkCZkrr3a9Y7AmwniIrSdZIVtWKtEu5yiFpPVYhEoRRXuvpEjviOugS
FHxUFdIBQxdCI85i6HP+Es5znjrfHvk5DP3LoiVqvVmivFRpebtTfvKTGF5pEseR
VZwc3LV/4ln43/K0cs7IRKJEJ+siWc92I5RkeIXFuy0UP8yi9WqLqQkqNIMMvBu1
IJ0+s7Y8idTBxRH0LaH58kkn8E3hAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPENy
nJjF0tOnroazGoDMzrQMAlkwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzI3RTIwRUFDQTMwMjExRUU5REI5NkYxQUQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVUIwDQYJKoZIhvcNAQEL
BQADggEBAL0hPemu5EAnzH8OCBFAQl5uvlWRBzI0SIZrrInjl1A/7V6zueXxk4O0
iVlIoqlIk5QBHOm5U7gSCcA/p0hFOcoKGfp3bNuLjHo53WvbNnkDPm/BByaAipD1
QQ7BpA/KdcUxJ4vrOKBMZZ7i02kSc4tXz9naTaJA2baepMMQSuPzDg0j++/ZNG8b
zRuelOWGzxKLt46a046JHTfN9R0gi57KKKGVDlKaHnFp9FNy0BmtDL1d2TzHxOfs
TUI3ShmeCwi3LJU4BUHbrNaNcqqAyijrl3HGP3yLaUbJhxRY+Z6S5tr7IhLutlay
/SX5gqpWiW94/k6Q7TUFReEHkGAXK0g=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:57 2024 by rpki-client on console-ams.rpki-client.org